Serious Router Vulnerability Reported
If you have multiple computers using the same Internet access at your house, you're probably using a router. And if you use a router you should be seriously concerned about a new security issue that was announced by Symantec. But don't worry -- there's a super-easy fix.
Do you have a router? A router connects one or several computers to a single Internet connection. You plug your broadband modem into it (though sometimes the modem is built-in), and then Ethernet cables for as many computers as you want to go on the Internet. This is a pretty basic explanation; there's a more extensive Wikipedia article at http://en.wikipedia.org/wiki/Router.
What you may not realize is that routers often have many setup options. I have a router at work, for example, where I can specify when the computers to which it's connected can connect to the Internet, I can set certain content to be filtered out, and so on. You access the router's setup options by going to a particular IP address, which you type into your browser. (It's often something like 192.168.0.1, but will vary depending on what kind of router you have.) To change the options on your router, you have to log in and provide a user name and password.
And that's where the security issue starts. Many modems have a default router user name and password of admin/admin, and often when you install a router you're told what the default password is, and it's suggested that you should probably change it, but nobody climbs out of your screen and hits your desk and says "YOU KNOW, IT'S REALLY IMPORTANT THAT YOU CHANGE THIS PASSWORD."
With this blog entry, consider me crawling out the screen and hitting your desk. :->
Symantec has pointed out that routers which do not have their default passwords changed are vulnerable to malicious JavaScript on Web sites. This is an unusual security issue in that the concern is not your computer being broken into, but your router's DNS settings being changed.
DNS? DNS stands for Domain Name System. Your router's DNS settings tell it which nameservers to ask when translating the domain names of the Web sites you want to visit (WRAL.com) into IP addresses that computers on the Internet can understand (in WRAL's case, that would be 216.27.85.170). The DNS default settings on your router connect to legit DNS nameservers that will correctly translate domain names to IP addresses. But if you visited a Web site with certain malicious JavaScript, your router's settings could be changed so that your router is connecting to an evil DNS nameserver.
The evil DNS nameserver will take the domain names that you're typing in and reroute them to fraudulent sites. For example, perhaps you want to log into PayPal. You type in PayPal.com, but instead of going to PayPal.com, your compromised router takes you via the evil DNS nameserver to a phishing site that looks exactly like PayPal. Not thinking anything is wrong -- after all, you typed PayPal.com into your browser -- you provide your user name and password. And bang, your information's been stolen. You could lose a lot of information this way -- logging into banks, investment Web sites, merchants, and so on.
You are ONLY vulnerable to this issue if you haven't changed your router's default password. If you changed your router's default password when you installed it, congrats, you're all good. If you HAVEN'T changed it, change it! It'll only take you a minute.
Instructions for changing the router passwords are in your router's documentation, but if you have better things to do with your time than save booklets for electronic equipment, lemme help you out. (There are LOTS of router models out there; if these instructions don't work for you, visit the manufacturer's site for your router. Look for the support area and then search for your router's model number and the words "change password.")
If you've got a LinkSys router, check out the instructions at its support site.
If you've got a D-Link modem, check their support site's article to see if your model number is mentioned. You'll get instructions on how to change the password and the default password. If you can't find your model number here, you can search the support database with your router's model number and the words "change password."
If you have a Netgear router, you can get a security overview and default passwords at the Netgear.com site.
As a general rule, you should always change default passwords. But most router setups do not make a big deal out of the fact that the passwords are required or even exist! Fortunately it's quick and easy to change your router's password.
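For readers who want to check whether their DNS answers look tampered with, here is an added example (not part of the original post) that compares the answers from the resolver your router hands out with the answers from a resolver you trust. The domain names, the addresses and the two lookup functions are constructed for illustration, and comparing by /24 network is an assumption made to tolerate sites that run several servers.

```python
"""Added example: spot DNS answers that disagree with a trusted reference."""
import ipaddress


def prefix24(ip):
    """Collapse an IPv4 address to its /24 so nearby servers of one site match."""
    return ipaddress.ip_network(f"{ip}/24", strict=False)


def audit_dns(names, local_lookup, reference_lookup):
    """Compare answers from the resolver your router hands out (local_lookup)
    with answers from a resolver you trust (reference_lookup).

    Both lookups are callables: name -> list of IPv4 strings.
    Returns {name: (local_ips, reference_ips)} for every name whose local
    answers share no /24 network with the reference answers.
    """
    suspicious = {}
    for name in names:
        local = sorted(set(local_lookup(name)))
        reference = sorted(set(reference_lookup(name)))
        if not local or not reference:
            continue  # a lookup failed on one side; nothing to compare
        ref_nets = {prefix24(ip) for ip in reference}
        if not any(prefix24(ip) in ref_nets for ip in local):
            suspicious[name] = (local, reference)
    return suspicious


# Constructed sample data (documentation-range addresses, not real sites).
REFERENCE = {
    "bank.example": ["198.51.100.10", "198.51.100.11"],
    "shop.example": ["203.0.113.20"],
    "news.example": ["203.0.113.80"],
}
# What a tampered router might return: bank.example points somewhere else.
LOCAL = {
    "bank.example": ["192.0.2.66"],
    "shop.example": ["203.0.113.21"],  # different host, same /24: accepted
    "news.example": ["203.0.113.80"],
}


def demo():
    """Run the audit over the constructed data above."""
    return audit_dns(REFERENCE, lambda n: LOCAL.get(n, []),
                     lambda n: REFERENCE.get(n, []))


if __name__ == "__main__":
    for name, (local, ref) in demo().items():
        print(f"{name}: router's DNS says {local}, trusted DNS says {ref}")
```

Large sites legitimately return different addresses to different networks, so a mismatch is a reason to look at the DNS servers listed on your router's setup page, not proof of tampering.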
Copyright 2011 by Capitol Broadcasting Company. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.